Security News > 2020 > May > PoC Exploit Released for DoS Vulnerability in OpenSSL

A proof-of-concept exploit has been made public for a recently patched vulnerability in OpenSSL that can be exploited for denial-of-service attacks.
OpenSSL versions 1.1.1d, 1.1.1e and 1.1.1f are affected by a high-severity vulnerability that has been described as a segmentation fault in the SSL_check_chain function.
Security researcher Imre Rad has published a PoC exploit for the vulnerability, along with a description of the exploitation process.
CVE-2020-1967 was the first vulnerability patched in OpenSSL in 2020.
As SecurityWeek reported a few months ago, OpenSSL security has evolved since the disclosure of the Heartbleed vulnerability back in 2014.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-21 | CVE-2020-1967 | NULL Pointer Dereference vulnerability in multiple products. Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. | 7.5 |